from the a-useful-level-of-distrust dept

We already wrote about the information sharing efforts coming out of the White House cybersecurity summit at Stanford today. That's supposedly the focus of the event. However, there's a much bigger issue happening as well: and it's the growing distrust between the tech industry and the intelligence community. As Bloomberg notes, the CEOs of Google, Yahoo and Facebook were all invited to join President Obama at the summit and all three declined. Apple's CEO Tim Cook will be there, but he appears to be delivering a message to the intelligence and law enforcement communities, if they think they're going to get him to drop the plan to encrypt iOS devices by default:

In an interview last month, Timothy D. Cook, Apple’s chief executive, said the N.S.A. “would have to cart us out in a box” before the company would provide the government a back door to its products. Apple recently began encrypting phones and tablets using a scheme that would force the government to go directly to the user for their information. And intelligence agencies are bracing for another wave of encryption.

In fact, it seems noteworthy that this whole issue of increasing encryption by the tech companies to keep everyone out has been left off the official summit schedule. As the NY Times notes (in the link above), Silicon Valley seems to be pretty much completely fed up with the intelligence community after multiple Snowden revelations revealed just how far the NSA had gone in trying to "collect it all" -- including hacking into the foreign data centers of Google and Yahoo. And, on top of that, the NSA's efforts to buy up zero day vulnerabilities before companies can find out and patch them:

“What has struck me is the enormous degree of hostility between Silicon Valley and the government,” said Herb Lin, who spent 20 years working on cyberissues at the National Academy of Sciences before moving to Stanford several months ago. “The relationship has been poisoned, and it’s not going to recover anytime soon.”

That Times article quotes White House cybersecurity boss Michael Daniel (the man who is proud of his own lacking of cybersecurity skills) trying to play down the "tensions" between Silicon Valley and Washington, followed by this anonymous quote from a Silicon Valley exec:

“A stupid approach,” is the assessment of one technology executive who will be seeing Mr. Obama on Friday, and who asked to speak anonymously.

Further, the article discusses how companies are trying to fight back against the NSA's abuse of zero days (another thing that Daniel has championed) by getting to them before the government does:

And while Silicon Valley executives have made a very public argument over encryption, they have been fuming quietly over the government’s use of zero-day flaws. Intelligence agencies are intent on finding or buying information about those flaws in widely used hardware and software, and information about the flaws often sells for hundreds of thousands of dollars on the black market. N.S.A. keeps a potent stockpile, without revealing the flaws to manufacturers.

Companies like Google, Facebook, Microsoft and Twitter are fighting back by paying “bug bounties” to friendly hackers who alert them to serious bugs in their systems so they can be fixed. And last July, Google took the effort to another level. That month, Mr. Grosse began recruiting some of the world’s best bug hunters to track down and neuter the very bugs that intelligence agencies and military contractors have been paying top dollar for to add to their arsenals.

They called the effort “Project Zero,” Mr. Grosse says, because the ultimate goal is to bring the number of bugs down to zero. He said that “Project Zero” would never get the number of bugs down to zero “but we’re going to get close.”

There's a lot more in the two stories ahead, but the angry feeling is real. In the past year, it's amazing how many conversations I've had with people around Silicon Valley who aren't just upset or disgusted over the intelligence community's actions, they're angry. And while the tech industry was never as buddy buddy with the government as some have tried to imply, things had undoubtedly become complacent in some circles, with little effort being made to make sure that information wasn't being misused or abused. But that's no longer the case. There are, of course, legal limits on what companies can do, but just as the NSA once explained how they play right up to the very edge of the limits that Congress puts around them (some of us believe they go beyond that...), the tech industry is rapidly learning that they, too, need to push back to the line that the law allows them to do so as well.

And, of course, none of that would likely have happened without Ed Snowden revealing to journalists the nature of the NSA's overreach.

from the checked-and-balanced dept

California judge Paul Grewal continues to hold up his end of the "Magistrates' Revolt." Grewal was the magistrate who shot down the government's open-ended request to grab every email in a person's Gmail account and sort through them at its leisure. He was actually the second magistrate to shoot down this request. The government went "judge shopping" after Judge John Facciola told it the scope of the request needed to be narrowed considerably before he would even think about granting it. The government decided it still wanted all the email and traveled across the country to see Judge Grewal… who told them to GTFO without even giving the feds the option to rewrite the request.

Law enforcement cannot indefinitely forbid Yahoo Inc from revealing a grand jury subpoena that seeks subscriber account information, a U.S. judge ruled, because doing so would violate the company’s free speech rights.

U.S. Magistrate Judge Paul Grewal in San Jose, California on Thursday wrote that the government’s request would prohibit Yahoo from disclosing the subpoena, even years after the grand jury concluded its probe. The court order does not disclose the target of the federal investigation.

“In an era of increasing public demand for transparency about the extent of government demands for data from providers like Yahoo!, this cannot stand,” Grewal wrote.

Yahoo has had its fill of government secrecy. It spent a long time fighting both broad subscriber data requests from the NSA and their accompanying 25-year gag orders. Its ardent defense of its subscribers against broad government requests would still be under seal, but thanks to recently declassified documents, it has been able to address the subject publicly -- nearly 18 years before the gag order would have "aged off."

Instead of asking that Yahoo be gagged for 60 or 90 days, the government asked that the company be gagged until further order of the court.

Grewal's rejection points out that the government feels entitled to indefinite gag orders, but has yet to offer any reasons why it should have its wishes granted.

The government did not demonstrate why such an indefinite request was necessary, Grewal wrote.

Judge Grewal has sent the government back to perform a rewrite -- either providing justification for its ridiculous demands, or to request something less illogical, like a finite gag order. The government has availed itself of many judicial rubber stamps over the years, but it looks like it's still running into resistance on both coasts: Paul Grewal in California and John Facciola in Washington D.C.

The ACLU has also been engaged in this fight against government secrecy since early last year, bringing more attention and legal expertise to an issue that hasn't achieved the terminal velocity of mainstream media attention. It's a bit more trench warfare, pitting magistrate judges and amicus briefs against the DOJ's assumption that it should have whatever it asks for, because terrorism, drugs, grand juries or whatever.

from the urls-we-dig-up dept

As artificial intelligence gets more and more advanced, the differences between how computers recognize patterns and how humans do may become harder and harder to discern. However, it's obvious there are differences -- which might matter significantly if we're going to put these image recognition algorithms in control of autonomous cars or military threat detection systems. Check out a few of these image processing algorithms.

from the good-to-see dept

Back in June we wrote about Google's "End-to-End" project to enable full (real) end-to-end encryption in email via a Chrome extension. For years now, we've been among those arguing that Google should actually offer end-to-end encryption by default (which would make the company unable to read your emails). This isn't going that far, but making it much easier for individuals to truly encrypt their own emails (without any backdoors for the email provider) is definitely a big step forward. So it's good to see that the company has now moved the project to GitHub, and that Yahoo's Chief Security Officer, Alex Stamos, has been contributing to the project as well. Having two of the biggest webmail providers working together on an open source system for better encrypting emails end-to-end is a huge win for privacy and security. The project is still in its early days, and Google warns that it's not yet ready to release the extension in the Chrome Web Store, but it's great that things are moving forward. Of course, for those of you who can't wait, there already some extensions like Mailvelope that are pretty easy to use (though, some worry are not quite as secure as other options).

from the so,-why-is-the-GCHQ-still-collecting-paychecks? dept

UK Prime Minister David Cameron doesn't ask for much from the world's tech companies. All he wants is for them to proactively police the web for child pornography, piracy and extremist content. He's not offering to pay for these services. He just expects Google et al to do this on their own time and own dime to make the world a better place.

Internet companies like Google and Yahoo should tell the police if possible terrorists are searching for tips to make bombs on the internet, David Cameron has said.

The Prime Minister said he wanted to apply to the internet the "principles of common sense, decency, moral responsibility as we do to real life".

It's simply not enough to index the web for searchability. Now, search engines need to act as unpaid informants for the world's law enforcement agencies, turning over information on questionable searches to the proper authorities.

Of course, Google and Yahoo have no way of knowing whether searches for bomb-making tips are originating from terrorism suspects or screenplay writers or bored youths using search engines as an Anarchist's Cookbook proxy. These prickly issues have likely never troubled Cameron's grey matter. If so, these inane soundbites never would have escaped his lips. The more he talks, the more inane his platitudes-masquerading-as-solutions sound.

Mr Cameron said he wanted internet companies to take the same moral responsibility as if someone overheard a group planning a bombing in a pub.

"See something, say something" has done little more than tie up limited resources with a mass of false positives. Putting Google and Yahoo in this position is just asking for more of the same. What Cameron is asking for is the compilation of useless information that will only snag the innocent and the inept. If these are the sorts of "terrorists" Cameron wants removed from circulation, he should just ask his local law enforcement to follow the FBI's lead. Busting handcrafted terrorists is far easier than hunting down actual threats, but it still sounds like real "wins" in press releases or politicians' mouths.

Any would-be terrorist who doesn't want to end up behind bars knows better than to plan violent acts in public, unlike the metaphorical extremists in Cameron's fantasy. Using the two largest search engines isn't much different than mapping out a bombing over a few pints at the local pub, but asking Google and Yahoo to treat their search engines like overheard conversations is guaranteed to end in futility.

Cameron compares it to child porn (because of course he does) even though there's a big difference between searching out plainly illegal content and searches that may seem ominous when observed without context. Search engines track searches to provide relevant results to users, so there's little doubt this information is retained somewhere. But it isn't something that should be turned over to law enforcement just because certain terms were used. There are plenty of legitimate reasons for researching topics that are "terrorist-related" but Cameron's request doesn't leave any room for essential nuances like these.

We expect our search providers to return search results, not subject us to additional government scrutiny simply because our searches contain a few arbitrarily-flagged terms. If search engines become just another form of direct government surveillance, more and more users will take their business elsewhere. Terrorists -- at least those with any instinct for self-preservation -- already have.

from the permissionless-culture-is-okay dept

There appear to be a lot of people up in arms over Flickr's announced plans to sell wall art prints of various Creative Commons-licensed images on the site. The uproar is mostly because people who chose a license like Creative Commons' attribution license, and not a "non-commercial" license are not going to see any money from any images that Flickr (owned by Yahoo) sells. And that leads to angry posts like this one arguing that selling the work is "cheesy, desperate and not at all fine with me."

Except... the license that was chosen says that, yes, this is fine with you. This doesn't necessarily mean that Flickr/Yahoo's decision was smart. The way it's being done appears to be upsetting lots of people, and upsetting the core people who make your service work is -- generally speaking -- not smart. But this leads to a bigger issue, one that is highlighted nicely in a post on all of this by Tom Lee, in which he notes that part of open licensing is giving up control so that others can benefit. And this is a key point that is missed by many, unfortunately:

Open licensing is about giving up control so that other people can benefit. That’s all it will cost you: control. Having control feels nice. But you should ask yourself what it really gets you. And you should think about what others might gain if you were able to let go.

Furthermore, he notes that what Flickr is doing here really will benefit lots of folks:

Flickr’s sale of prints does not deprive photographers of their work or money. Users have the same ability to use their work that they always had. The vast majority would never have taken the steps necessary to profit from their work, so print sales do not deprive them of money. When a user really expects to sell prints, they should avoid Creative Commons licensing, which, as I’ve mentioned, is easily done.

Flickr’s sale of prints provides benefits to other people. People who work for and own Flickr make money. The vendors producing and delivering the prints make money. And people who buy prints get to enjoy works of art.

Parker Higgins posted some further thoughts on Twitter that are worth noting as well. Many of the people who are upset about this are angry that Yahoo didn't ask them about this first. But as Higgins notes, that's just bringing back the idea of permission-based culture, rather than recognizing that a big part of the value of Creative Commons (or any other such open license system or public domain) is getting beyond permission culture and recognizing that in giving up control, there are lots of benefits.

Free culture licenses aren't supposed to flag that you're a cooperative player in permissions culture. They're supposed to do the opposite.

Now, one could make a reasonable cultural argument that Yahoo/Flickr should have approached this situation with more caution -- recognizing how some people would likely respond to this, no matter how reasonable or legal it is. If I were in charge of the program at Yahoo, that likely would have been my approach. But, the troubling end result of this is that it may just lead more people to slap a "non-commercial" license on their Creative Commons works, greatly limiting the kinds of benefits that are out there, without providing any real benefit to themselves. In some ways, this gets to the heart of the problems we've noted with Creative Commons in the past -- especially the fact that many incorrectly assume that all CC-licensed material is only for non-commercial use. It's also why we think there's a strong argument that Creative Commons should either drop or totally rebrand the non-commercial offering, so that this branding confusion is dealt with. The anger in this situation is just a rehash of that branding confusion -- and the end result is that it reinforces this idea of "permissions" culture, rather than highlighting the benefits of sharing culture without first needing permission -- even if for commercial reasons.

from the so,-more-of-the-same,-except-retroactively? dept

A legal battle between Yahoo and the government over the Protect America Act took place in 2008, but details (forced from the government's Top Secret file folders by FISA Judge Reggie Walton) are only emerging now. A total of 1,500 pages will eventually make their way into the public domain once redactions have been applied. The most recent release is a transcript [pdf link] of oral arguments presented by Yahoo's counsel (Mark Zwillinger) and the US Solicitor General (Gregory Garre).

Zwillinger opens up the arguments by questioning the government's methods of determining who should be placed under surveillance.

Why I show this to you is because I think it's a perfectly fair question for you to ask the Solicitor General of the United States how a name gets on this list. This isn't reviewed by a -- the FISA Court. These names aren't reviewed by the Attorney General of the United States. The difference between surveilling an account and exposing someone's most private communications and not is how a name gets on this list; and all we know about it from page 47 of their brief, is that an intelligence analyst puts it on the list.

From this arbitrary beginning springs a wealth of errors.

[REDACTED] of the accounts we have been given do not exist. They aren't accounts at Yahoo. Whether the government is misinformed, or using stale information, we don't know; But the fact that [REDACTED] accounts do not exist raises a serious possibility that some of those accounts have already been recycled and are used by other Yahoo users, or that the information that the government has is just wrong, and the wrong is being placed under surveillance.

Zwillinger points out that Yahoo is just one provider and yet has (the number is redacted, but is at least 4 digits with a comma) a large number of accounts under surveillance. He then refers to the multiple errors again, stating that when the government screws up, it's very likely that American citizens will be mistakenly placed under surveillance.

The difference between a U.S. person and a non-U.S. person in this context could be a letter or a digit in an email address; and if they have it wrong, the consequences will likely be felt here, because more Yahoo users are from the United States than any other single country.

The judges claim minimization procedures eliminate the problem of inadvertent collections, but Zwillinger points out that the surveillance carried out under the Protect America Act actually doesn't contain protections against use of wrongly swept up US persons' communications and data.

The government's response begins by denying that US persons' data is retained. "There is no database," says Gregory Garre, before having to admit a few sentences later, that incidental data is retained (and distributed) if there is evidence of other, non-national-security-related criminal activity.

Garre then goes on to explain why the government feels it should have warrantless access to US persons' communications, routed through and stored at US servers. He refers to satellite communications -- something in use when FISA was enacted in 1978. Garre says that even though these communications may have been captured by domestic satellite receivers, it's the point of origin that matters. Outside the US? No warrant needed, even for US persons. Likewise for emails stored on Yahoo servers.

MR. GARRE: I don't think anybody would argue that the Fourth Amendment would apply to that communication, even though the email communications go to account in Sunnyvale, California. I haven't understood Yahoo to argue that the Fourth Amendment would be implicated by that.

And, similarly, the Fourth Amendment isn't --

JUSTICE SELYA: You mean the interception there by you and Yahoo would not implicate the Fourth Amendment?

MR. GARRE: That Certainly would be the government's view.

Garre also blames the large number of dead accounts in the court orders on Yahoo's refusal to immediately comply, while simultaneously spinning it as the unavoidable collateral damage of "efficient" surveillance.

So the fact that accounts have been closed is not significant, and that's particularly true given that the large number of email accounts here is reflected by the fact that Yahoo is in noncompliance for several months. So, if you go back several months, it's not surprising that several accounts have been closed.

Garre asserts that if anyone deserves the benefit of a doubt in this situation, it's the US government. He states that the Executive Branch and the intelligence community have a long-standing history of not violating the rights of US citizens -- a statement that wasn't even mostly true prior to the 9/11 attacks, and is almost laughable in the wake of what's been uncovered since then. He also points to Congressional oversight and suggests its legislative powers would have been used to rein in the NSA and others if it had actually seen signs of abuse.

In his rebuttal, Zwillinger punches holes in Garre's narrative.

You know, the Solicitor General talks about Congress spoke here, but to the extent Congress has spoken, then they turn around and admit they misspoke. And now they have a Senate report that says we failed to provide adequate protections for U.S. persons, and we are going to pass new legislation. They intentionally let the Protect America Act lapse. So to the extent congressional oversight even exists after February 16, 2008, which I'm not sure it does, it provides no check. Congress can't do anything differently. The statute has passed. The directives continue all the way until the expiration date, but the statute doesn't exist any more. It's not Congress's current view of how surveillance should he conducted.

But the most surprising assertions made in these oral arguments don't come from the Solicitor General. They come from Judge Morris S. Arnold, who shows something nearing disdain for the privacy of the American public and their Fourth Amendment rights.

In the first few pages of the oral arguments, while discussing whether or not secret surveillance actually harms US citizens (or the companies forced to comply with government orders), Arnold pulls a complete Mike Rogers:

If this order is enforced and it's secret, how can you be hurt? The people don't know that -- that they're being monitored in some way. How can you be harmed by it? I mean, what's --what's the -- what's your -- what's the damage to your consumer?

By the same logic, all sorts of secret surveillance would be OK -- like watching your neighbor's wife undress through the window, or placing a hidden camera in the restroom -- as long as the surveilled party is never made aware of it. If you don't know it's happening, then there's nothing wrong with it. Right? [h/t to Alex Stamos]

In the next astounding quote, Arnold makes the case that the Fourth Amendment doesn't stipulate the use of warrants for searches because it's not written right up on top in bold caps… or something.

The whole thrust of the development of Fourth Amendment law has sort of emphasized the watchdog function of the judiciary. If you just look at the Fourth Amendment, there's nothing in there that really says that a warrant is usually required. It doesn't say that at all, and the warrant clause is at the bottom end of the Fourth Amendment, and -- but that's the way -- that's the way it has been interpreted.

What's standing between US citizens and unconstitutional acts by their government is a very thin wall indeed.

from the blindfolded-and-pickpocketed dept

After having the court documents unsealed and the gag order lifted, Yahoo is finally free to talk about that one time when the government wanted to fine it $250,000 a day [!!] for refusing to comply with a FISA court order to turn over data on its customers. Two of the lawyers (Mark Zwillinger and Jacob Sommer) who represented Yahoo in that court battle, have written a post detailing the behind-the-scenes activity.

First off, they note that it's kind of amazing they're even able to discuss it at this point.

Having toiled in secret until recently, and having originally been told we would need to wait 25 years to tell anyone of our experience, it is refreshing to be able to write about the case in detail.

That's the normal declassification schedule, which at this point would still be nearly 18 years away. Fortunately, Ed Snowden's leaks have led to an accelerated schedule for many documents related to the NSA's surveillance programs, as well as fewer judges being sympathetic to FOIA stonewalling and exemption abuse.

We've talked several times about how the government makes it nearly impossible to sue it for abusing civil liberties with its classified surveillance programs. It routinely claims that complainants have no standing, ignoring the fact that leaked documents have given us many details on what the NSA does and doesn't collect. But in Yahoo's case, it went against its own favorite lawsuit-dismissal ploy.

First, the government's prior position on standing may be a bit of a surprise. In more recent cases, like Clapper, it has argued that only the provider has standing to challenge surveillance orders under the FISA Amendments Act, not individual users who may have been caught up in the surveillance. But, in this fight, the government argued that Yahoo had no standing to challenge a directive on the basis of the Fourth Amendment rights of its users.

The government definitely would prefer the swift removal of cases rather than actually having to defend its programs' Constitutionality -- so much so that it attempted to push the argument that no one has standing to challenge its collections. But that wasn't the government's only angle. The courts refused to entertain this sudden shift in the government's "standing" argument, so it moved on to levying fines.

A very short time frame to respond was granted to Yahoo, something made even shorter by the government's foot-dragging.

The FISC issued its decision on April 25, 2008, but we were not permitted to inspect the order until April 29, 2008 (and even then were not allowed to take notes), and did not receive a copy until May 5, 2008, when the government demanded that Yahoo give a same-day answer whether it would comply with the surveillance demand.

Shortly after Yahoo's response, the government moved for contempt charges and fines. $250,000 per day was the minimum. It asked for constantly-escalating fines that would double each week until Yahoo complied. Even for a tech giant, this fee scale could turn into real money incredibly quickly.

Simple math indicates that Yahoo was facing fines of over $25 million dollars for the 1st month of noncompliance, and fines of over $400 million in the second month if the court went along with the government’s proposal. And practically speaking, coercive civil fines means that the government would seek increased fines, with no ceiling, until Yahoo complied.

While the government was threatening Yahoo with massive fines, it was also filing secret briefs and motions in support of its admittedly "coercive" levies, stating that the company's resistance was causing "great harm," apparently on a daily basis.

Finally, the documents that were recently released by the ODNI (and Yahoo itself) contain many that Yahoo -- who was directly involved in this court battle -- had never seen before August 22.

The government filed ex parte documents in support of its surveillance program, many of which Yahoo had no access to during the legal struggle. Not only did the government force Yahoo to respond on its own schedule, but it kept the company in the dark about its justifications and other aspects of its programs. Yahoo couldn't ask for these documents in discovery, nor did it even know these existed.

[P]erhaps most importantly, a FISC decision from January 15, 2008 regarding the procedures for the DNI/AG Certification at issue, which Yahoo had never seen. It examines those procedures under a “clearly erroneous” standard of review – which is one of the most deferential standards used by the judiciary. Yahoo did not have these documents at the time, nor the opportunity to conduct any discovery. It could not fully challenge statements the government made, such as the representation to FISCR “assur[ing the Court] it does not maintain a database of incidentally collected information from non-targeted United States persons, and there is no evidence to the contrary.” Nor could Yahoo use the January 15, 2008 decision to demonstrate how potential flaws in the targeting process translated into real world effects.

When it comes to the nation's security, apparently no legal deck can be stacked high enough. The government forces those who challenge its secret programs to wage courtroom battles with only the barest minimum of information. And, should it decide the defendant isn't moving fast enough, it can pursue exorbitant (and admittedly coercive) fines until it gets the cooperation it's seeking.

from the how-do-you-explain-that-one? dept

Back in 2013, a week after the whole PRISM program was first revealed thanks to Ed Snowden's leaks, it was then revealed that Yahoo had fought a secret legal battle against the program, based on a predecessor to the FISA Amendments Act of 2008 called the Protect America Act of 2007. Yahoo took this fight to the FISA court and then lost. The company was ordered to begin handing over information, even though the company believed the requests were unconstitutional. Late yesterday, Yahoo noted that the FISA Court was finally declassifying many of the documents from that legal fight. James Clapper's office quickly provided its spin on the 1,500 pages worth of documents in the fight. We're digging through all the documents and will likely have more to say once we've had a chance to read through them more carefully.

However, we wanted to comment briefly on the story that's already been making the rounds -- which was called out by Yahoo in its announcement about this. And it's that the government threatened Yahoo with a $250,000 per day fine for refusing to comply with the demands to turn over the information. That specific threat can be seen in the government's motion for an order of civil contempt, after Yahoo sought to appeal the original decision against Yahoo. Yahoo asked for a stay of the original ruling while it appealed, but the government insisted that the court should not allow a stay and should order Yahoo to hand over the data or pay the $250,000 per day fine -- which even the government refers to as a "coercive fine."

$250,000 per day is a lot. Yes, that number can add up pretty quickly, but the truly stunning thing about all of this is that you have to remember all of this was done in total secrecy (it's only come out now, about seven years after it happened). As a company making billions, perhaps it would be able to hide millions of dollars in fines, but somewhere along the line it would have had to have raised alarm bells from someone -- whether an accountant for the company or even someone on the board, wondering why giant chunks of money were going to the government based on absolutely no explanation. And making it even more bizarre is that almost no one in the company itself would have even been allowed to know what was going on. While it never actually got to that point, imagine the financial mess such a secret fine from a secret court would cause.

FISA Court judge Reggie Walton denied Yahoo's request for the stay, meaning Yahoo would likely have been found in contempt if it didn't start handing over data. Thus, even though the company was still trying to appeal the decision (unsuccessfully), it was forced to start handing over the data anyway.

There are so many things wrong (and seemingly unconstitutional) in this entire setup -- and I'm sure we'll have more to say on it after we've gone through the documents. But what kind of constitutional democracy are we living in when this kind of thing is considered to be perfectly acceptable by those in power?

from the worldwide-censorship dept

We've been covering the ridiculous ruling in the EU on the "right to be forgotten," which was interpreted to mean that search engines could be forced to delete links to perfectly truthful stories (and even if those stories are allowed to be kept online). Google has been trying to comply with the over 90,000 requests it has received -- nearly half of which it has approved -- and removed from its European searches. The company has been struggling to figure out how to comply with the ruling, and those struggles continue. Originally, it was going to place a notice on search results pages where links had been removed (like it does with copyright takedowns) alerting people that stories were missing. However, regulators told Google that would defeat the purpose. So now, Google's European search results show a message on nearly every search on a "name" that results might have been removed.

Either way, once Google started removing the requested stories, it did the right thing, alerting the websites that links were being removed. Of course, that just resulted in many of those publications writing about it, and bringing the original news back into the public eye.

In response to all of this, European regulators are apparently quite angry again, summoning representatives from Google, Yahoo and Microsoft (but mainly Google) to argue that the removals should be global, not just for Europe and that the companies should stop informing websites if their stories were removed. One hopes that these three companies would fight strongly against either such proposal. The idea that Europe can dictate how search engines in other parts of the world work is dangerous. We've already noted that a Canadian court seems to think it has similar powers, and that's going to create a huge mess. Any time courts and regulators in one country think they can dictate how websites work in other countries, that is creating a massive jurisdictional mess (where contradictory rulings may run into each other), as well as allowing oppressive states to claim they, too, have the right to dictate how the web works in more open countries.

As for blocking sites from being informed, that would clearly go against basic transparency principles, and lead to yet another huge mess for websites which will (quite reasonably) wonder why their stories have gone totally missing from Google searches (especially if forced to extend it around the globe).

Of course, the real problem here is with the original ruling. The idea that public information that is widely disseminated already can magically be made private because someone thinks it's embarrassing and that it's no longer important is simply a ridiculous assertion in the first place. All of the problems that have come in implementing this are because the initial premise -- trying to disappear public information -- is so messed up.